BootstrapContext is null on ClaimsIdentity

Unmesh Kondolikar · Dec 29, 2012 · Viewed 8.7k times

I have created a new ASP.NET MVC application with .NET 4.5. I have successfully set up authentication with an STS. The authentication flow is working fine and I am able to get the ClaimsIdentity, containing the desired claims, on Thread.CurrentPrincipal.

Now I need the bootstrap token to secure the calls to my service layer. I have set the saveBootstrapContext to true on the identityConfiguration element.

<system.identityModel>
    <identityConfiguration saveBootstrapContext="true">

However, the BootstrapContext property on the ClaimsIdentity is always null.

var identity = Thread.CurrentPrincipal.Identity as ClaimsIdentity;
var context = identity.BootstrapContext; // context is always null

Am I missing anything here? This was supposed to be straightforward :(

----------- Resolved ------------

This issue was resolved after I rebooted my system. Note that it was not resolved after an iisreset. Later I changed the configuration to use Microsoft.IdentityModel instead of System.IdentityModel. I was able to repro this behavior. After another reboot, I was able to get the bootstrap token once again. Is anyone else experiencing the same behavior?

Answer

Jaanus · Nov 20, 2015

Solved it with the following:

<system.identityModel>
    <identityConfiguration saveBootstrapContext="true" />
</system.identityModel>

Also need to set TokenValidationParameters.SaveSigninToken, which is distinct from JwtBearerOptions.SaveTokens:

app.UseWindowsAzureActiveDirectoryBearerAuthentication(
    new WindowsAzureActiveDirectoryBearerAuthenticationOptions {
        Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
        TokenValidationParameters = new TokenValidationParameters {
            SaveSigninToken = true,
            ValidAudience = ConfigurationManager.AppSettings["ida:Audience"]
        }
    }
);
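
Added example, not part of the question or the answer above: a defensive reader for ClaimsIdentity.BootstrapContext that fails closed when no token was saved, instead of passing null on to the service layer. BootstrapTokenReader and GetSerializedToken are hypothetical names. The code assumes the property may hold either a System.IdentityModel.Tokens.BootstrapContext or a raw token string, depending on which handler populated it, and that the caller supplies the application's own SecurityTokenHandlerCollection.

```csharp
using System;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.Text;
using System.Xml;

// Hypothetical helper (added example); not part of WIF or the OWIN middleware.
public static class BootstrapTokenReader
{
    // Returns the serialized sign-in token for forwarding to a downstream service.
    // Throws rather than returning null, so a missing token never becomes an
    // unauthenticated call. The result is a credential: do not log it.
    public static string GetSerializedToken(
        ClaimsIdentity identity, SecurityTokenHandlerCollection handlers)
    {
        if (identity == null)
            throw new ArgumentNullException("identity");

        object raw = identity.BootstrapContext; // the property is typed as object
        if (raw == null)
            throw new InvalidOperationException(
                "No bootstrap token on the identity; check saveBootstrapContext / SaveSigninToken.");

        // Assumption: some handlers store the raw token string directly.
        var text = raw as string;
        if (text != null)
            return text;

        var context = raw as BootstrapContext;
        if (context == null)
            throw new InvalidOperationException(
                "Unexpected BootstrapContext type: " + raw.GetType().FullName);

        // Serialized form is present: use it as-is.
        if (!string.IsNullOrEmpty(context.Token))
            return context.Token;

        // Only the token object is present: serialize it with the supplied handlers.
        if (context.SecurityToken != null && handlers != null)
        {
            var xml = new StringBuilder();
            var settings = new XmlWriterSettings { OmitXmlDeclaration = true };
            using (var writer = XmlWriter.Create(xml, settings))
                handlers.WriteToken(writer, context.SecurityToken);
            return xml.ToString();
        }

        throw new InvalidOperationException("BootstrapContext holds no usable token.");
    }
}
```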